IIS 8 with ECC certificates – increasing your SSL Security on Windows Server 2012

What is an ECC Certificate and why would you need one? The main difference with an Elliptic Curve Cryptography (ECC) certificate is with how the certificate is signed, in this case the Elliptic Curve Digital Signature Algorithm (ECDSA) is used Continue reading

Hardening SSL & TLS connections on Windows Server 2008 R2 & 2012 R2

Hardening your SSL/TLS connections is a pretty common thing to do on any Windows Server running IIS and web applications that utilize HTTPS, especially if they require some sort of compliance. It is generally a good idea to do this Continue reading

Disabling TLS 1.0 with MS SQL 2012/2014 – Services won’t start & SSMS fails to connect

Update – 2.1.2016 – I would really only use this as a last resort and I highly recommend testing this solution prior to putting it into production. At this time it does not appear that all of SQL’s features fully Continue reading

Fix the obsolete cryptography warning in Chrome on IIS 7 & 8

Update – 2.2.2016 – The ciphers originally listed in this post no longer work to fix the obsolete cryptography warning as Google has upped the requirement from DHE with AES_128_GCM to ECDHE with AES_128_GCM or CHACHA20_POLY1305. The only ciphers we Continue reading

IIS 7/7.5 Hardening SSL TLS – Windows Server 2008 R2

     One of the first steps you should do when deploying a new public facing web server is hardening your server’s SSL/TLS connections. Disabling vulnerable protocols, ciphers, hashes and key exchange algorithms can help mitigate the now more common exploits like Continue reading